[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: BIND over TOR?



-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

running your own bind does not eliminate dns leaks, out of your node
will still emerge dns requests and that's all that's needed to do the
time-correlation.

It should be possible, however, to proxy bind through tor, but only
through a transparent proxy with iptables or running the bind daemon
through tsocks. I'm not sure exactly what is required.

numE wrote:
> Hi,
> 
> i just configured a local caching only dns server
> to use the open root server network (www.orsn.org).
> 
> in my opinion it brings some benefits compared to using my isp's dns
> server and the open root server network is independent from ICANN dns
> servers.
> 
> --
> 
> now it would be interesting to torify bind to get even more security.
> is this possible?
> 
> 
> thanks in advance.
> 

- --
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.5 (GNU/Linux)

mQGiBERj1vMRBACVgg5fJVUARD0cJHm/PzLU3oDoIPlraL1SyjLQcLDQt1mDmfk5
bIsvFYUujcM2j4s072Gufm1/52N27JESvtRc3zlAzCUZ8rHdwT7q5pELALBe+5WN
Ug+iJhejCgeIQpxDy7tlaW0ZMFS8DQcN2mUa+I+Gn1Fv1Vpz9ltniKRoowCgt+6M
2HmK6DpGJpHbi0UE6H6DMi8D/0bXstm6yIc11ldpYK0vLp91+HIyiYcWexS+LY0Q
QYfYKnzoy1TfziLULMBdCItzvw5wsa3nS4EBuRBFZACEB8X6VZTjDY+bt1UP20RY
2yXy9xJ2DMJxwoNRvSTwCcOdCdSJQMeElhh6XzWAxdHASH8orOK9dcB0K4eyh8pX
dQSkA/9u8cgQeIsALNaVkWg+CoL+hEu3fP3BmqyDEQrQlI/j5zaFwjiakP8fwCpm
NOnH6JJwksiNQT/TpRAht5BLIuLUEHtqY/GaCkqE5v0CStDbVEK+ZFPw7ePlAL1J
VIPl9GNkQRR0ScwOIK7s0XP1PpIA0FTq7LrXdWeyUY6QzPiy/7QeZ2x5bXIgPGds
eW1yX2Rhcmttb29uQG1sMS5uZXQ+iGAEExECACAFAkRj1vMCGyMGCwkIBwMCBBUC
CAMEFgIDAQIeAQIXgAAKCRAaQ7PBp6zsm6aOAJ98KrhhH05KtM3HmVUY0ud/W1Db
QgCfcyB2mZuVlWk+NwGRvT5pwdyArXC0IGdseW1yIDxnbHltcl9kYXJrbW9vbkB5
YWhvby5jb20+iGAEExECACAFAkRuMj8CGyMGCwkIBwMCBBUCCAMEFgIDAQIeAQIX
gAAKCRAaQ7PBp6zsm+5+AKCiWMvUd6SoPOFVLf/X4Mc5aucjrwCfRi/61tCSqKkb
qXyFHcAOMmFW8tu5BA0ERGPYGhAQALyvvcNnKI6nfpZTGVwpzVvDho4irlQCvVvt
/wAE8UfTFBuv1HhMtNi3CCTEVaunA8Ezh0F9VM0r/CoaDCNHKHunBe12lyA7lBxi
tEvvr1trLttWlgjpY5oFS8iaEChFLYsBnrDC6gr+SIxOVdobFupHRCqEMsPZEubi
732s0X5B1RMlvGN9lMatumnr8BwAgzMGDi6xwx6Psh3+7Tgfrc/uiwJLbNms2Vkw
eKoVuFG62TpBzD5pNW8+uS9BN+OUlgAeFD3VyG72scbn84NECkN6fyv8l9j9k+gD
+fGcg5a4/RtGC8XTD41RTHBRZ4J5xIeKt1lOPYY4sEsrvrYC6qRklne8mxQ+f9F2
LtxBRFjDYq+yNjpL3+t0GsqzwiDKVsJmamcovGmzbFL9rkocr0X53Y1SmQkwn4Yh
sXZaSFXIht57kgdx8taWKeksexdSBBG9rFBexzshfIaxc3J67zB+SkoUMKU52rH7
d3quCgtOoqYz4LjdDOhaETQNAwJwv6Vha5eb292ZPXLT/wRQ7RzYlPZ3ikonwjuB
slWF6JtEe/J51lgaEPZW6c/Rovt9uekBdpnAkc9zqOml1BfKVvOVq5ESs0C6QtjF
PelSEakrlF9vs71xXHxupkzRqPDIgRQ2mbsLponi7Iuopn25A8VmH0xztMdPKwXn
0GM5YtfDAAMFEACJ33XNxiiyy+o7WLBHRextCEVaE12C7oJdMs1Nom149yZPBhtR
PbpLai8+J2pd8LV17fIYQ+Cg+5fdQyjn6hgTA/0kA7Y3v+SrCXocDKiTkqw+hljW
D+xWkJ96N7JOiidZ+7FqrI3Mn6DJFPcF8WM50LWDogR2C7ik7J/GuBLoLOCXgIXm
gBK0tk6fr1Fn54MJ5UTnMo74EwM/e199agwtdv8C0csJBQkW3HgCpUgYXNQi0SbA
RmC+4Sl38ac6Fbut4Dznsod5om19cq53dnSL/z4lZz8r9nk46j1/NCB9IbNMWZMz
QYKx6kqmOPaUuce8mfPvJmUpkCFUEdATvrJkirSOS2zkdG6tZeXUG2+x+edyZRpB
lyZzczl531y/6SsV5v78g5kIgKewedNGTWXRAqj3A90nUXfGYsy6Vo33Hqhg5Vs3
OczP5mxQUyuRlkPyuLT8/2NU6vppNm/J34RX4bJHK0NqNmp/lA1y267t0Jiv3NHf
1WEICYiXb7kJWKcQSNjFKjUJiOIVfHpIsiiLKd/tOQht5tWXC4zNm1uOhskXcEYh
RlLCbRgcdNdy78fdfNhDlN29Cu20TkJQMnBG92mUyxB+8+yRlsgfsytauJqO0sLv
Vd2WS2wm0C+oPstBRrza+U1VZDyK2BPAbb1RS+var6m46uhu59xHMSKRTYhJBBgR
AgAJBQJEY9gaAhsMAAoJEBpDs8GnrOybfAYAn34P2SFPj4/dcenDocaOCGFa0rbR
AJ4qkvG2Euv7nc1GxfFPK2+MbEuqnw==
=1PSJ
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFHvnYGkOzwaes7JsRA+qHAKCyt02f22aa+L28OHgoZVC2sKXhmACgqQ9X
UIkfnbPFLHtt9D6HY7B+SPQ=
=VcjK
-----END PGP SIGNATURE-----